[GH-ISSUE #721] OAuth2 and Microsoft Graph Api error: The request body must contain the following parameter: 'grant_type'. #467

Closed
opened 2026-03-03 16:48:52 +03:00 by kerem · 2 comments

Originally created by @mixable on GitHub (Jun 25, 2024).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/721

Description:

I want to use this lib for OAuth2 and Office 365 (Microsoft Graph Api). The implementation looks like this:

        oauthswift = OAuth2Swift(
            consumerKey: "xxxx",
            consumerSecret: "", // not used
            authorizeUrl: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
            accessTokenUrl: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
            responseType: "code"
        )

        // ...

        oauthswift.authorize(
            withCallbackURL: URL(string: "xxxxx")!,
            scope: "user.read mail.send offline_access",
            state: "outlookapi"
        ) { (result) in
             // ...
        }

The initial authorization works as expected. But when it comes to a token renewal using the refresh_token, the auth request to https://login.microsoftonline.com/common/oauth2/v2.0/token fails with the following requestError:

{
  "error":"invalid_request",
  "error_description":"AADSTS900144: The request body must contain the following parameter: 'grant_type'. [...]",
  "error_codes":[900144],
  "error_uri":"https://login.microsoftonline.com/error?code=900144"
}

The reason is the parameter grant_type which is not in the body. With different settings, I was not able to get rid of this error. Do you have any ideas how to solve this issue? Or how to configure the OAuth2Swift object for Microsoft's Graph Api?

This is the documentation of Microsoft's Graph Api and OAuth2:
https://learn.microsoft.com/en-us/graph/auth-v2-user?tabs=http#5-use-the-refresh-token-to-renew-an-expired-access-token

I also found this discussion on StackOverflow:
https://stackoverflow.com/questions/49513122/oauth2-error-aadsts90014-the-request-body-must-contain-the-following-parameter

OAuth Provider? (Twitter, Github, ..):

Office 365 / Microsoft Graph Api

OAuth Version:

  • [ ] Version 1
  • [x] Version 2

OS (Please fill the version) :

  • [x] iOS :
  • [ ] OSX :
  • [ ] TVOS :
  • [ ] WatchOS :

Installation method:

  • [ ] Carthage
  • [x] CocoaPods
  • [ ] Swift Package Manager
  • [ ] Manually

Library version:

  • [ ] head
  • [x] v2.1.0
  • [ ] v2.0.0
  • [ ] v1.4.1
  • [ ] other: (Please fill in the version you are using.)

Xcode version:

  • [x] 11.4 (Swift 5.2)
  • [ ] 11.x (Swift 5.1)
  • [ ] 10.x (Swift 5.0)
  • [ ] other: (Please fill in the version you are using.)
  • [ ] objective c

kerem closed this issue 2026-03-03 16:48:53 +03:00

@phimage commented on GitHub (Jun 25, 2024):

hi, code used to renew token?

grant type is added in parameters for renewAccessToken
https://github.com/OAuthSwift/OAuthSwift/blob/master/Sources/OAuthSwiftClient.swift#L201
do not know if passed as body or query parameters


@mixable commented on GitHub (Jun 25, 2024):

The request is started with startAuthorizedRequest(). This will automatically call renewAccessToken() if the access token expired.

The code for the authorized request is:

        oauthswift.startAuthorizedRequest(
            "https://outlook.office.com/api/v2.0/me/sendmail",
            method: .POST,
            parameters: getMailParameters(),
            headers: [
                "Content-Type":"application/json",
                "Accept":"application/json"
            ],
            onTokenRenewal: { (result) in
                // ...
            }
        ) { result in
            // ...
        }

I think, this way the parameters are passed as query parameters.

I saw that the method startAuthorizedRequest also provides the option renewHeaders:. I didn't use this before, but I added the form data content type to the renewHeaders:

            renewHeaders: [
                "Content-Type":"application/x-www-form-urlencoded"
            ],

And what should I say: with this, the token renewal worked as expected!!

Thank you for pointing me to this!!
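For reference, the refresh request shape that the token endpoint expects (RFC 6749, section 6), built with Foundation only, plus a pre-flight check for the failure discussed in this thread. This is an added example, not OAuthSwift's code and not from either participant; the function names and the client ID and refresh token values are constructed placeholders.

```swift
import Foundation

// RFC 3986 unreserved characters. Everything else is percent-encoded, so a
// "+", "&" or "=" inside a token cannot alter the form structure.
let formSafe = CharacterSet(charactersIn:
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~")

func formEncode(_ fields: [(name: String, value: String)]) -> String {
    func enc(_ s: String) -> String {
        return s.addingPercentEncoding(withAllowedCharacters: formSafe) ?? ""
    }
    return fields.map { "\(enc($0.name))=\(enc($0.value))" }.joined(separator: "&")
}

// Refresh request: POST with a form-encoded body carrying
// grant_type=refresh_token. The refresh token stays out of the URL, where it
// would otherwise end up in proxy and server logs.
func makeRefreshRequest(tokenURL: URL, clientID: String,
                        refreshToken: String, scope: String) -> URLRequest {
    var request = URLRequest(url: tokenURL)
    request.httpMethod = "POST"
    request.setValue("application/x-www-form-urlencoded",
                     forHTTPHeaderField: "Content-Type")
    request.httpBody = formEncode([
        (name: "grant_type", value: "refresh_token"),
        (name: "client_id", value: clientID),
        (name: "refresh_token", value: refreshToken),
        (name: "scope", value: scope),
    ]).data(using: .utf8)
    return request
}

// Pre-flight check: lists the conditions that make the endpoint reject a
// refresh request or that expose the token in the URL.
func refreshRequestProblems(_ request: URLRequest) -> [String] {
    var problems: [String] = []
    let contentType = request.value(forHTTPHeaderField: "Content-Type") ?? ""
    if !contentType.lowercased().hasPrefix("application/x-www-form-urlencoded") {
        problems.append("Content-Type is not form-urlencoded: \(contentType)")
    }
    let body = String(data: request.httpBody ?? Data(), encoding: .utf8) ?? ""
    if !body.split(separator: "&").contains(where: { $0.hasPrefix("grant_type=") }) {
        problems.append("grant_type missing from body")
    }
    if request.url?.query != nil { problems.append("parameters present in URL query") }
    return problems
}

// Constructed sample values; the endpoint and scope are the ones in this issue.
let request = makeRefreshRequest(
    tokenURL: URL(string: "https://login.microsoftonline.com/common/oauth2/v2.0/token")!,
    clientID: "EXAMPLE-CLIENT-ID", refreshToken: "EXAMPLE+REFRESH/TOKEN=",
    scope: "user.read mail.send offline_access")
print(refreshRequestProblems(request))
```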
